Venafi / blueprint-securesoftwarepipeline
For engineers and security teams driving fast and secure software supply chains
☆82Updated 2 years ago
Alternatives and similar repositories for blueprint-securesoftwarepipeline:
Users that are interested in blueprint-securesoftwarepipeline are comparing it to the libraries listed below
- This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.☆137Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆170Updated 4 months ago
- OWASP Foundation Web Respository☆55Updated last year
- Count distinct contributor of Snyk watched repos across several SCM☆32Updated 9 months ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Create custom auto-remediation solutions using serverless functions in the cloud.☆53Updated last year
- ☆16Updated 10 months ago
- SCP management tool☆131Updated last year
- ☆114Updated last week
- OWASP Foundation Web Respository☆82Updated 2 months ago
- A collection of DoD and Federal Government Cloud Computing Resources☆48Updated 3 years ago
- Kubernetes Common Configuration Scoring System☆124Updated 2 years ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆40Updated 2 years ago
- A tool to create, transform and attest VEX metadata☆133Updated last week
- A place for the InfoSec community to share and celebrate real stories of organizations successfully using SBOMs (and other bills of mater…☆42Updated last year
- Container Security Verification Standard☆58Updated 5 years ago
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆182Updated 6 months ago
- Compares and analyzes GCP IAM roles.☆77Updated 2 weeks ago
- This repository is a collection of resources to help facilitate compliance innovation utilizing Cloud, DevSecOps and Software Factory tec…☆71Updated last year
- Documenting your Threat Models with HCL☆425Updated 6 months ago
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.☆48Updated 8 years ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆204Updated last month
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated last year
- List of vendors that do not allow IMDSv2 enforcement☆141Updated 10 months ago
- A collection of DevSecOps reference architectures☆67Updated 4 years ago
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆71Updated this week
- Coalfire AWS RAMP/pak Reference Architecture☆36Updated 6 months ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆191Updated 3 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆30Updated 5 months ago
- Terraform PrismaCloud provider☆55Updated this week